GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,279
Erlang: 31
GitHub Actions: 21
Go: 2,056
Maven: 5,000+
npm: 3,740
NuGet: 668
pip: 3,421
Pub: 12
RubyGems: 891
Rust: 873
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+
59 advisories

CSRF Vuln can expose user's QRcode
Severity: Low. GHSA-fxq4-r6mr-9x64 was published for Flask-Security-Too (pip) on Apr 8, 2021.

pterodactyl/panel CSRF allowing an external page to trigger a user logout event
Severity: Low. CVE-2021-41176 was published for pterodactyl/panel (Composer) on Oct 25, 2021.

Cross-Site Request Forgery in firefly-iii
Severity: Low. CVE-2021-3901 was published for grumpydictator/firefly-iii (Composer) on Oct 28, 2021.

bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
Severity: Low. CVE-2021-3944 was published for ssddanbrown/bookstack (Composer) on Dec 3, 2021.

Cross-Site Request Forgery in remdex/livehelperchat
Severity: Low. CVE-2021-4049 was published for remdex/livehelperchat (Composer) on Dec 10, 2021.

IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.13.xxx is vulnerable to reverse...
Severity: Low. Unreviewed. CVE-2022-22348 was published on Mar 15, 2022.

Cross-Site Request Forgery in YOURLS
Severity: Low. CVE-2022-0088 was published for yourls/yourls (Composer) on Apr 4, 2022.

Cross-site request forgery (CSRF) vulnerability in admin.php in eTicket 1.5.5.2 allows remote...
Severity: Low. Unreviewed. CVE-2008-0266 was published on May 1, 2022.

Cross-site request forgery (CSRF) vulnerability in the rootpw plugin in rPath Appliance Platform...
Severity: Low. Unreviewed. CVE-2008-2140 was published on May 1, 2022.

Cross-site request forgery (CSRF) vulnerability in phpMyAdmin before 2.11.7.1 allows remote...
Severity: Low. Unreviewed. CVE-2008-3197 was published on May 1, 2022.

Routes used to stop running Metasploit tasks (either particular ones or all tasks) allowed GET...
Severity: Low. Unreviewed. CVE-2017-5244 was published on May 13, 2022.

Cross-site request forgery (CSRF) vulnerability in admin/settings/update in DClassifieds 0.1...
Severity: Low. Unreviewed. CVE-2012-0990 was published on May 17, 2022.

Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow...
Severity: Low. Unreviewed. CVE-2010-2113 was published on May 17, 2022.

Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Severity: Low. Unreviewed. CVE-2016-3009 was published on May 17, 2022.

Cross-site request forgery (CSRF) vulnerability in IBM Connections 4.0 through CR4, 4.5 through...
Severity: Low. Unreviewed. CVE-2016-2998 was published on May 17, 2022.

Cross-site scripting (XSS) vulnerability in McAfee Network Data Loss Prevention (NDLP) before 9.3...
Severity: Low. Unreviewed. CVE-2014-8521 was published on May 17, 2022.

Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20...
Severity: Low. Unreviewed. CVE-2010-2151 was published on May 17, 2022.

Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke PBX 2.4.4.8 allows remote...
Severity: Low. Unreviewed. CVE-2010-2114 was published on May 17, 2022.

CSRF vulnerability in Jenkins Amazon EC2 Plugin
Severity: Low. CVE-2020-2090 was published for org.jenkins-ci.plugins:ec2 (Maven) on May 24, 2022.

A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker...
Severity: Low. Unreviewed. CVE-2020-8615 was published on May 24, 2022.

CSRF vulnerability in Amazon EC2 Plugin
Severity: Low. CVE-2020-2186 was published for org.jenkins-ci.plugins:ec2 (Maven) on May 24, 2022.

OpenCart Cross-Site Request Forgery (CSRF)
Severity: Low. CVE-2020-28838 was published for opencart/opencart (Composer) on May 24, 2022.

The SetFeatureEnabled.jspa resource in Jira Server and Data Center before version 8.5.13, from...
Severity: Low. Unreviewed. CVE-2021-26071 was published on May 24, 2022.

Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let...
Severity: Low. Unreviewed. CVE-2020-18463 was published on May 24, 2022.

Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in video_list.php, which can let...
Severity: Low. Unreviewed. CVE-2020-18464 was published on May 24, 2022.

ProTip! Advisories are also available from the GraphQL API.